FP-Scanner: The Privacy Implications of ...
Type de document :
Communication dans un congrès avec actes
Titre :
FP-Scanner: The Privacy Implications of Browser Fingerprint Inconsistencies
Auteur(s) :
Vastel, Antoine [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Laperdrix, Pierre [Auteur]
Department of Computer Science [Stonybrook - NY]
Rudametkin, Walter [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Rouvoy, Romain [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Institut universitaire de France [IUF]
Self-adaptation for distributed services and large software systems [SPIRALS]
Laperdrix, Pierre [Auteur]
Department of Computer Science [Stonybrook - NY]
Rudametkin, Walter [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Rouvoy, Romain [Auteur]
Self-adaptation for distributed services and large software systems [SPIRALS]
Institut universitaire de France [IUF]
Titre de la manifestation scientifique :
Proceedings of the 27th USENIX Security Symposium
Ville :
Baltimore
Pays :
Etats-Unis d'Amérique
Date de début de la manifestation scientifique :
2018-08-15
Mot(s)-clé(s) en anglais :
web privacy
browser fingerprinting
browser fingerprinting
Discipline(s) HAL :
Informatique [cs]/Système d'exploitation [cs.OS]
Informatique [cs]/Web
Informatique [cs]/Informatique mobile
Informatique [cs]/Informatique ubiquitaire
Informatique [cs]/Génie logiciel [cs.SE]
Informatique [cs]/Web
Informatique [cs]/Informatique mobile
Informatique [cs]/Informatique ubiquitaire
Informatique [cs]/Génie logiciel [cs.SE]
Résumé en anglais : [en]
By exploiting the diversity of device and browser configurations, browser fingerprinting established itself as a viable technique to enable stateless user tracking in production. Companies and academic communities have ...
Lire la suite >By exploiting the diversity of device and browser configurations, browser fingerprinting established itself as a viable technique to enable stateless user tracking in production. Companies and academic communities have responded with a wide range of countermeasures. However , the way these countermeasures are evaluated does not properly assess their impact on user privacy, in particular regarding the quantity of information they may indirectly leak by revealing their presence. In this paper, we investigate the current state of the art of browser fingerprinting countermeasures to study the inconsistencies they may introduce in altered fingerprints , and how this may impact user privacy. To do so, we introduce FP-SCANNER as a new test suite that explores browser fingerprint inconsistencies to detect potential alterations, and we show that we are capable of detecting countermeasures from the inconsistencies they introduce. Beyond spotting altered browser fingerprints, we demonstrate that FP-SCANNER can also reveal the original value of altered fingerprint attributes, such as the browser or the operating system. We believe that this result can be exploited by fingerprinters to more accurately target browsers with countermeasures.Lire moins >
Lire la suite >By exploiting the diversity of device and browser configurations, browser fingerprinting established itself as a viable technique to enable stateless user tracking in production. Companies and academic communities have responded with a wide range of countermeasures. However , the way these countermeasures are evaluated does not properly assess their impact on user privacy, in particular regarding the quantity of information they may indirectly leak by revealing their presence. In this paper, we investigate the current state of the art of browser fingerprinting countermeasures to study the inconsistencies they may introduce in altered fingerprints , and how this may impact user privacy. To do so, we introduce FP-SCANNER as a new test suite that explores browser fingerprint inconsistencies to detect potential alterations, and we show that we are capable of detecting countermeasures from the inconsistencies they introduce. Beyond spotting altered browser fingerprints, we demonstrate that FP-SCANNER can also reveal the original value of altered fingerprint attributes, such as the browser or the operating system. We believe that this result can be exploited by fingerprinters to more accurately target browsers with countermeasures.Lire moins >
Langue :
Anglais
Comité de lecture :
Oui
Audience :
Internationale
Vulgarisation :
Non
Collections :
Source :
Fichiers
- https://hal.inria.fr/hal-01820197/document
- Accès libre
- Accéder au document
- https://hal.inria.fr/hal-01820197/document
- Accès libre
- Accéder au document
- https://hal.inria.fr/hal-01820197/document
- Accès libre
- Accéder au document
- document
- Accès libre
- Accéder au document
- fpscanner_normal.pdf
- Accès libre
- Accéder au document